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Additional Information: [full ci tation , abstract, references, citings, index terms 
review 

Process groups are a common abstraction for fault-tolerant computing in distributed systems. We 
present a security architecture that extends the process group into a security abstraction. Integral pai 
this architecture are services that securely and fault tolerantly support cryptographic key distributioi 
Using replication only when necessary, and introducing novel replication techniques when it was 
necessary, we have constructed these services both to be easily defensible against atta ... 
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review 



We describe a design for security in a distributed system and its implementation. In our design, 
applications gain access to security services through a narrow interface. This interface provides a nc 
of identity that includes simple principals, groups, roles, and delegations. A new operating system 
component manages principals, credentials, and secure channels. It checks credentials according to 
formal rules of a logic of authentication. Our implementation is efficient enough to sup ... 
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From the Preface (See Front Matter for full Preface) 

Electronic computers have evolved from exiguous experimental enterprises in the 1940s to prolific 
practical data processing systems in the 1980s. As we have come to rely on these systems to process 
store data, we have also come to wonder about their ability to protect valuable data. 

Data security is the science and study of methods of protecting data in computer and communicatioi 
systems from unauthorized disclosure ... 
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Full text available: Qpdf(261 r 78 KB) Additional Information: JfulJ citation, abstract, references, citings, i n dex te r ms 

Transport layer protocols provide for end-to-end communication between two or more hosts. This p 
presents a tutorial on transport layer concepts and terminology, and a survey of transport layer servi 
and protocols. The transport layer protocol TCP is used as a reference point, and compared and 
contrasted with nineteen other protocols designed over the past two decades. The service and protoc 
features of twelve of the most important protocols are summarized in both text and tables.< ... 
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Full text available* [7] pdf(393 65 KB) Additional Information: [full citation, abstr act, references, citings, index term s 



review 



Sun's announcement of the programming language Java more that anything popularized the notion ( 
mobile code, that is, programs traveling on a heterogeneous network and automatically executing uj 
arrival at the destination. We describe several classes of mobile code and extract their common 
characteristics, where security proves to be one of the major concerns. With these characteristics as 
reference points, we examine six representative languages proposed for mobile code. The conclusio 

Keywords: Java, Limbo, Objective Caml, Obliq, Safe-Tel, distribution, formal methods, mobile cot 
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November 1997 Proceedings of the 1997 conference of the Centre for Advanced Studies on 

Collaborative research CASCON '97 
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Full text available: p~]pdf(4.21 MB) Additional Information: {full citation, abstract, references, index terms 

Understanding distributed applications is a tedious and difficult task. Visualizations based on proce: 
time diagrams are often used to obtain a better understanding of the execution of the application. Th 
visualization tool we use is Poet, an event tracer developed at the University of Waterloo. However, 
these diagrams are often very complex and do not provide the user with the desired overview of the 
application. In our experience, such tools display repeated occurrences of non-trivial commun ... 



9 Column 

Peter G. Neumann 

January 2001 ACM SIGSOFT Software Engineering Notes, volume 26 issue i 
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Full text available: p~| pdf(3.24 MB) Additional Information: [full citation 
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10 FIRE: flexible Intra-AS routing environment 
Craig Partridge, Alex C. Snoeren, W. Timothy Strayer, Beverly Schwartz, Matthew Condell, Isidro 
Castineyra 

August 2000 ACM SIGCOMM Computer Communication Review , Proceedings of the conferei 
on Applications, Technologies, Architectures, and Protocols for Computer 
Communication SIGCOMM '00, Volume 30 Issue 4 

Publisher: ACM Press 

Full text available:^ pdf (1 0 7.75 KB) Additional Information: [full citation, abstract, references, citings, in d ex terms 

Current routing protocols are monolithic, specifying the algorithm used to construct forwarding tabl 
the metric used by the algorithm (generally some form of hop-count), and the protocol used to distri 
these metrics as an integrated package. The Flexible Intra-AS Routing Environment (FIRE) is a lint 
state, intra-domain routing protocol that decouples these components. FIRE supports run-time -pro- 
grammable algorithms and metrics over a secure link-state distribution protocol. By allow ... 

11 Strategic directions in electronic commerce and digital libraries: towards a dig ital agora 
Nabil Adam, Yelena Yesha 

December 1996 ACM Computing Surveys (CSUR), volume 28 issue 4 
Publisher: ACM Press 

Full text available: [J] Pdf (244. 34 KB) Additional Information: {full c itat ion, references, citing s, index term s 
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October 1995 ACM SIGSOFT Software Engineering Notes , Proceedings of the 3rd ACM 
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Publisher: ACM Press 

Full text available: p"]„ pdf(1 . 14 MB ) Additional Information: [full citation, references, citings, index terms 



Keywords: abstraction mappings, cache coherence protocols, distributed systems, finite state machi 
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^ Keok Auyong, Chye-Lin Chee 
July 1997 ACM SIGOPS Operating Systems Review, volume 3 1 issues 
Publisher: ACM Press 

Full text available: Q] pdf(1.03 MB ) Additional Information: [full ci tation, abstract, index terms 

The paper surveys the authentication services used by modern computer systems and presents the m 
operational authentication services employed by commercial companies, banking as well as governi 
departments. As distributed system services are susceptible to a variety of threats mounted by intruc 
as well as legitimate users of the system, password-based authentication is not suitable for use on 
computer networks. 



14 Security prob l ems in the TCP/IP p rotocol su ite 
S. M. Bellovin 

JU April 1989 ACM SIGCOMM Computer Communication Review, volume 19 issue 2 
Publisher: ACM Press 

Full text available: Q~Jpdf(2.72 MB) Additional Information: [full citation , abstract, citings, index terms 

The TCP/IP protocol suite, which is very widely used today, was developed under the sponsorship c 
Department of Defense. Despite that, there are a number of serious security flaws inherent in the 
protocols, regardless of the correctness of any implementations. We describe a variety of attacks ba: 
on these flaws, including sequence number spoofing, routing attacks, source address spoofing, and 
authentication attacks. We also present defenses against these attacks, and conclude with a discu ... 
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15 l olus: a framework for scalable secure multicastin g 
Suvo Mittra 

October 1997 ACM SIGCOMM Computer Communication Review , Proceedings of the ACM 
SIGCOMM '97 conference on Applications, technologies, architectures, and prot< 
for computer communication SIGCOMM '97, Volume 27 Issue 4 
Publisher: ACM Press 

Full text available: p]. pdf(1.70 MB) Additional Information: [ full citation , abstract, references, citings, index terms 

As multicast applications are deployed for mainstream use, the need to secure multicast communica 
will become critical. Multicast, however, does not fit the point-to-point model of most network seen 
protocols which were designed with unicast communications in mind. As we will show, securing 
multicast (or group) communications is fundamentally different from securing unicast (or paired) 
communications. In turn, these differences can result in scalability problems for many typical applic 
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16 Session summaries from the 17th symposium on operating systems principle (SOS P '99) 
Jay Lepreau, Eric Eide 

April 2000 ACM SIGOPS Operating Systems Review, volume 34 issue 2 
Publisher: ACM Press 

Full text available: [7] pdf(3.15 MB) Additional Information: { full ci t ation , index t erms 



17 Server-assisted cryptography 
Donald Beaver 

January 1998 Proceedings of the 1998 workshop on New security paradigms NSPW '98 
Publisher: ACM Press 
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18 Mobile networking in the Internet 
Charles E. Perkins 

December 1998 Mobile Networks and Applications, volume 3 issue 4 
Publisher: Kluwer Academic Publishers 



Full text available: [J pdf(1 66.90 KB) Additional Information: [full citation, abstract, references, cited by . index term 



Computers capable of attaching to the Internet from many places are likely to grow in popularity un 
they dominate the population of the Internet. Consequently, protocol research has shifted into high \ 
to develop appropriate network protocols for supporting mobility. This introductory article attempts 
outline some of the many promising and interesting research directions. The papers in this special is 
indicate the diversity of viewpoints within the research community, and it is ... 

19 Andrew: a distributed pe rsona l computing environmen t 
James H. Morris, Mahadev Satyanarayanan, Michael H. Conner, John H. Howard, David S. Rosent] 
F. Donelson Smith 

March 1986 Communications of the ACM, volume 29 issue 3 
Publisher: ACM Press 

Full text available* nnpdf{2 16 MB) Additional Information: [full citation, abstract, references, citings, index terms 

' — ' " review 

The Information Technology Center (ITC), a collaborative effort between IBM and Carnegie-Mello 
University, is in the process of creating Andrew, a prototype computing and communication system 
universities. This article traces the origins of Andrew, discusses its goals and strategies, and gives a] 
overview of the current status of its implementation and usage. 

20 Security engineering in an evolutionary acquisition environment 
Marshall D. Abrams 

January 1998 Proceedings of the 1998 workshop on New security paradigms NSPW f 98 
Publisher: ACM Press 

Full text available: |T] pdf(729.98 KB) Additional Information: [full citation , references , citings , index terms 
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22 A d|strjby architecture: applying t he tra n spo rt layer sec urity protoco l 
^ Mohammad Mirhakkak 

^ October 1993 ACM SIGCOMM Computer Communication Review, volume 23 issue 5 
Publisher: ACM Press 

Full text available: *g) pdf(892.06 KB) Additional Information: full citation, abstract, index term s 

A great deal of attention has been given to the development of Open Systems Interconnection 
(OSI) security protocols in recent years. However, limited work has been dedicated to using the 
protocols to develop security architectures for securing distributed systems consisting of trustee 
computer systems communicating via untrusted networks. This paper presents an overview oft 
Transport Layer Security Protocol (TLSP) and discusses its application to the development of a 
security architecture ... 

23 Security in mobile agent system: problems and approaches 
Yang Kun, Guo Xin, Liu Dayou 

^ January 2000 ACM SIGOPS Operating Systems Review, volume 34 issue 1 
Publisher: ACM Press 

Full text available: pdf(554.66 KB) Additional Information: full citation, abstract, references , citings 

Despite its many practical benefits, mobile agent technology results in significant new security 
threats from both malicious agents and hosts. This paper investigates the problems and 
approaches of mobile agent system, which shows that bi-directional and layered security model 
may be a good idea to resolve the security problems in mobile agent systems. Other topics aboi 
mobile agent security, such as constrained execution and virus detection, are also discussed. 

Keywords: bi-directional security mechanism, layered security mechanism, mobile agents, 
security 
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Publisher: ACM Press 
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This paper describes two techniques that improve throughput in an ad hoc network in the 
presence of nodes that agree to forward packets but fail to do so. To mitigate this problem, we 
propose categorizing nodes based upon their dynamically measured behavior. We use a watchd 
that identifies misbehaving nodes and a pathrater that helps routing protocols avoid these node 
Through simulation we evaluate watchdog and pathrater using packet throughput, percent ... 
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